ABSTRACT



To prevent piracy or leakage of data content, a cryptography 
technique and electronic watermark technique are combined 
together and used. In a data content supplied to a user, a user 
data is entered as electronic watermark by a data manage- 
ment center, and the data content with an electronic water- 
mark entered in it is encrypted using a crypt key and is 
supplied. The encrypted data content is decrypted using a 
crypt key distributed from the data management center and 
is used. In case it is to be stored, it is encrypted using another 
crypt key. In case the data content is copied and transferred 
to other user, a user data of the other user is entered as 
electronic watermark, and a scenario to enter the user data 
of the other user as electronic watermark is registered at the 
data management center, and the data content with elec- 
tronic watermark entered in it is encrypted using another 
crypt key and is supplied. When the validity of the other user 
is confirmed by the scenario, another crypt key is distributed 
to the other user. The encrypted data content is decrypted 
using another crypt key and is used. When it is to be stored, 
it is encrypted using still another key. In case the data 
content has been copied and transferred illegitimately, it is 
possible by verifying the electronic watermark to identify 
the user who has copied and transferred the data content 
illegitimately. 

94 Claims, 5 Drawing Sheets

DATA MANAGEMENT SYSTEM

CROSS-REFERENCE TO RELATED 
APPLICATIONS 

This application is a continuation of prior application Ser.
No. 09/362,955 filed Jul. 30, 1999, which is a Division of 
prior application Ser. No. 08/825,868, filed Apr. 2, 1997 
(now U.S. Pat. No. 6,002,772), which is a CIP of prior 
application Ser. No. 08/536,747, filed Sep. 29, 1995, now 
U.S. Pat. No. 6,069,952 and Ser. No. 08/549,270, filed Oct. 
27, 1995, now ABN. 

BACKGROUND OF THE INVENTION 

1. Field of the Invention 

The present invention relates to a system for managing 
data for using, i.e., storing, copying, editing, or transferring 
digital data content. 

2. Background Art 

Because analog data content is deteriorated in quality 
whenever storing, copying, editing, or transferring it, con- 
trolling copyrights associated with these operations has not 
been a serious problem. However, because digital data 
content is not deteriorated in quality after repeatedly storing, 
copying, editing, or transferring it, controlling copyrights 
associated with these operations for digital data content is a 
serious problem. 

Because there has been hitherto no adequate method for 
controlling a copyright for digital data content, the copyright 
is handled by the copyright law or contracts. Even in the
copyright law, compensation money for a digital-type 
sound- or picture-recorder is only systematized. 

Use of a data content includes not only referring to its 
contents but also normally effectively using by storing, 
copying, or editing obtained data person via on-line basis by 
a communication line or via off-line basis using a proper 
recording medium. Furthermore, it is possible to transmit the 
edited data content to the database to be registered as new 
data content. 

In a conventional database system, only character data 
content is handled. In a multimedia system, however, audio 
data content and picture data content which are originally 
analog data contents are digitalized and formed into a 
database in addition to the data content such as characters 
which have been formed into a database so far. 

Under these circumstances, how to deal with a copyright 
of data content in a database is a large problem. However, 
there has not been adequate copyright management means 
for solving the problem so far, particularly copyright man- 
agement means completed for secondary utilization such as 
copying, editing, or transferring of the data content. 

The inventor of the present invention proposed a system 
for managing a copyright by obtaining a permit key from a 
key control center via a public telephone line in Japanese 
Patent Laid-Open No. 46419/1994 (GB 2269302A) and 
Japanese Patent Laid-Open No. 141004/1994 (U.S. Pat. No. 
5,504,933) and moreover, proposed an apparatus for man- 
aging the copyright in Japanese Patent Laid-Open No. 
132916/1994 (GB 2272822A). 

Moreover, a copyright management method for primary 
utilization of digital data content such as display (including 
process to sound) or storage including real-time transmis- 
sion of the digital data content in a database system and 
secondary utilization of the digital data content such as 
copying, editing, or transferring of the digital data content 
by further developing the above invention is proposed in
Japanese Patent Application No. 64889/1994 (U.S. patent
application Ser. No. 08/416,037). 

In the database copyright management system of the above
application, in order to manage the copyright, either one or
more of a program for managing the copyright, copyright
information, and a copyright control message are used in
addition to a use permit key corresponding to a requested
use, and data content which has been transferred with
encryption is decrypted to be used for viewing and editing,
and the data content is encrypted again when used for
storing, copying and transferring.

The copyright control message is displayed when utiliza- 
tion beyond the range of the user's request or authorized 
operation is found to give caution or warning to a user and 
the copyright management program performs monitoring 
and managing so that utilization beyond the range of the 
user's request or authorized operation is not performed. 

On the other hand, it is widely practiced to establish LAN 
(Local Area Network) by connecting computers with each 
other in offices, organizations, companies, etc. Also, a plu- 
rality of networks are connected with each other, and Inter- 
net is now organized in a global scale, by which a plurality 
of networks are utilized as if they are a single network. 

In LAN used in an organization such as firms, secret
information is often stored, which must not be disclosed to
outsiders. For this reason, it is necessary to arrange the secret
information in such a manner that only a specific group of
users can gain access and use such information, and such
access is generally placed under control to prevent leakage
of secret information to outsiders.

There are roughly two methods to control the access: a 
method to control access with access permission, and a 
method to do it by encryption. 

The method of access control by access permission is 
described in U.S. Pat. Nos. 5,173,939, 5,220,604, 5,224,163, 
5,315,657, 5,414,772 and 5,438,508, in EP506435, and in JP 
Laid-Open 169540/1987. 

The access control method based on encryption is dis- 
closed in U.S. Pat. Nos. 4,736,422, 5,224,163, 5,400,403, 
5,457,746, and 5,584,023, in EP 438154 and EP 506435, and 
in JP Laid-open 145923/1993. The access control method 
based on encryption and digital signature is described in 
U.S. Pat. Nos. 4,919,545 and 5,465,299. 


Intranet is now being propagated, in which a plurality of 
LANs are connected with each other via Internet and these 
LANs are utilized as if they are a single LAN. In the intranet, 
information exchange is performed via Internet, which basi- 
cally provides no guarantee for prevention of piracy, and 
information is encrypted to prevent the piracy when secret 
information is exchanged. 

The prevention of information piracy during transmission
by means of encryption is disclosed in U.S. Pat. Nos.
5,504,818 and 5,515,441, and the use of a plurality of crypt
keys is described in U.S. Pat. Nos. 5,504,816, 5,353,351,
5,475,757, and 5,381,480. Also, performing re-encryption is
described in U.S. Pat. No. 5,479,514.

When encrypting, management of crypt key including
transfer and receipt of crypt key becomes an important issue.
Generation of keys by IC card is disclosed in U.S. Pat. No.
5,577,121, and encryption/decryption by IC card is disclosed
in U.S. Pat. Nos. 5,347,581 and 5,504,817. Also,
electronic watermark technique is described in EP 649074.

In the video conference system, a television picture has
been added to the conventional voice telephone set.
Recently, the video conference system is advanced in which
a computer system is incorporated in the video conference
system so that the quality of the voice and the picture are
improved, and data content can be handled at the same time
as well as the voice and the picture.

Under these circumstances, security against the violation 
of the user's privacy and the data content leakage due to 
eavesdropping by persons other than the participants of the 
conference are protected by the cryptosystem using a secret- 
key. 

However, since the conference content obtained by the 
participants themselves are decrypted, in the case where 
participants themselves store the content of the conference 
and sometimes edit the content, and further, use for second- 
ary usage such as distribution to the persons other than the 
participants of the conference, the privacy of other partici- 
pants of the video conference and data content security 
remains unprotected. 

In particular, the compression technology of the transfer 
of data content is advanced while the volume of the data 
content storage medium is advanced with the result that the 
possibility is getting more and more realistic that all the 
content of the video conference may be copied to the data 
content storage medium or transmitted via a network. 

Also, electronic commerce system with digital data con- 
tent for commercial dealing is now being used for practical 
applications. Above all, various types of experiments are 
now under way for digital cash system to exchange elec- 
tronic data content instead of cash so that the system can be 
used by general public. 

The digital cash system which has been proposed so far is 
based on a secret-key cryptosystem. The encrypted digital 
cash data content is transferred from a bank account or a 
cash service of a credit company, and is stored in an IC card 
so that a terminal device for input/output is used to make a 
payment. The digital cash system which uses this IC card as 
a cash-box can be used at any place such as shops or the like 
as long as the input/output terminal is installed. However, 
the system cannot be used at places such as homes or the like 
where no input/output terminal is installed. 

Since the digital cash is an encrypted data content, any 
device can be used as the cash-box which stores digital cash 
data content, in addition to the IC card, as long as the device 
can store encrypted data content and transmit the data 
content to the party to which the payment is made. As a
terminal which can be specifically used as the cash-box, 
there are personal computers, intelligent television sets, 
portable telephone sets such as personal digital assistant 
(PDA), personal handyphone system (PHS), intelligent tele- 
phone sets, and PC cards or the like which has an input/ 
output function. 

It is desirable that the digital cash is processed as an object 
associated with data content and functions instead of being 
as a simple data content. In handling a digital cash, there are
a common digital cash form, an unentered digital cash form 
private for an owner, an entry column in the digital cash 
form private for the owner, a digital cash data content 
showing an amount of money, an instruction of handling 
digital cash, and a digital cash form private for the owner in 
which an amount of money is entered. In an object-oriented 
programming, concepts such as an object, a class, a slot, a 
message and an instance are used. 

In these correspondence relations, the common digital
cash form is the object; the unentered digital cash form
private for an owner, the class; the entry column of a digital
cash form private for the owner, the slot; the instruction of
handling digital cash, the message; and the digital cash form
private for the owner in which an amount of money is
entered, the instance.

A digital cash data content comprising the amount of
money and the like is used as an argument, then, is transferred
and stored in the slot which is referred to as an
instance variable by the message so that a new instance is
made which is a digital cash in which the amount of money
is renewed.

The encryption technique used in the data management 
system is utilized not only in the distribution of copyrighted 
data content but also in the distribution of digital cash. 

Then, basic encryption-related technique used in the 
present invention is described below. 
Crypt Key

Secret-key system is also called "common key system" 
because the same key is used for encryption and decryption, 
and because it is necessary to keep the key in secret, it is also 
called "secret-key system." Typical examples of encryption
algorithm using secret-key are: DES (Data Encryption 
Standard) system of National Bureau of Standards, FEAL 
(Fast Encryption Algorithm) system of NTT, and MISTY 
system of Mitsubishi Electric Corp. In the embodiments 
described below, the secret-key is referred as "Ks". 
In contrast, the public-key system is a cryptosystem using
a public-key being made public and a private-key, which is
maintained in secret to those other than the owner of the key.
One key is used for encryption and the other key is used for
decryption. Typical example is RSA public-key system. In
the embodiments described below, the public-key is referred
as "Kb", and the private-key is referred as "Kv".

Here, the operation to encrypt data content, a plain text 
material M to a cryptogram Cks using a secret-key Ks is 
expressed as: 

Cks=E(M, Ks).

The operation to decrypt the cryptogram Cks to the plain 
text data content M using a crypt key Ks is expressed as: 

M=D(Cks, Ks).

Also, the operation to encrypt the plain text data content 
M to a cryptogram Ckb using a public key Kb is expressed 
as: 

Ckb=E(M, Kb).

The operation to decrypt the cryptogram Ckb to the plain 
text data content M using a private-key Kv is expressed as: 

M=D(Ckb, Kv).

The operation to encrypt the plain text data content M to 
a cryptogram Ckv using a private-key Kv is expressed as; 

Ckv=E(M, Kv),

and the operation to decrypt the cryptogram Ckv to the plain 
text data content M using the public-key Kb is expressed as: 

M=D(Ckv, Kb).

The encryption technique is the means to exclude ille- 
gitimate use of data content, but perfect operation is not 
guaranteed. Thus, the possibility of illegitimate use of data 
content cannot be completely excluded. 
On the other hand, electronic watermark technique cannot
exclude the possibility of illegitimate use, but if illegitimate
use is detected, it is possible to check the illegitimate use by
verifying the content of electronic watermark, and there are
a number of methods in this technique. These methods are
described in Nikkei Electronics, No. 683, 1997-2-24, pp.
99-124, "'Digital watermark' to help stop to use illegal
proprietary digital works in the multimedia age." Also,
description is given on this technique by Walter Bender et
al., "Introducing data-hiding technology to support digital
watermark for protecting copyrights," IBM System Journal,
vol. 35, Nos. 3 & 4, International Business Machines
Corporation.

SUMMARY OF THE INVENTION 

To prevent piracy or leakage of data content, a cryptography
technique and electronic watermark technique are
combined together and used. In a data content supplied to a
first user, a first user data is entered as electronic watermark 
by a data management center, and the data content with an 
electronic watermark entered in it is encrypted using a crypt 
key and is supplied. The encrypted data content is decrypted 
using a crypt key distributed from the data management 
center and is used. In case it is to be stored, it is encrypted 
using another crypt key. 

In case the data content is copied and transferred to a 
second user, a user data of the second user is entered as 
electronic watermark, and a scenario to enter the user data 
of the second user as electronic watermark is registered at 
the data management center, and the data content with 
electronic watermark entered in it is encrypted using another 
crypt key and is supplied. When the validity of the second
user is confirmed by the scenario, another crypt key is
distributed to the second user. The encrypted data content is
decrypted using another crypt key and is used. When it is to
be stored, it is encrypted using still another key.

In the data content obtained by the first user, the first user 
data is entered as electronic watermark by a data center. If 
the data content is copied and transferred without taking a 
normal procedure, the data center verifies the electronic 
watermark entered there, and it is possible to detect that the 
first user has copied and transferred the data content without 
taking a normal procedure. 

When it is copied and transferred by a normal procedure, 
electronic watermark of each user is entered, and this makes 
it possible to clearly define the route of copying and transfer. 
When copying and transfer are repeated, noise in the data 
content is increased by the entered electronic watermark, 
and this makes it possible to exclude and inhibit copying and 
transfer, i.e. to decrease the risk of illegitimate utilization of 
data content. 
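
An added sketch of the scheme summarized above (not code from the patent): a data center watermarks content with the MD5-derived user data the detailed description mentions, supplies it encrypted, and later traces a plaintext copy back through its watermarks. The LSB watermark with one slot per transfer, the SHA-256 keystream standing in for the secret-key cipher, every function and class name, and the sample users and content are assumptions; the simplified procedure (user data entered directly as the watermark) is used, and key transport under the users' public keys is left out.

```python
import hashlib
import os

MARK_BITS = 128  # one MD5 digest per watermark slot


def user_data(user_info: bytes, public_key: bytes) -> bytes:
    """User data I: MD5 over user information combined with the public key."""
    return hashlib.md5(user_info + public_key).digest()


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hashlib.sha256(key + nonce + c.to_bytes(8, "big")).digest()
              for c in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def E(m: bytes, ks: bytes) -> bytes:
    """C = E(M, Ks), with an assumed stand-in cipher (not DES/FEAL/MISTY)."""
    nonce = os.urandom(16)  # fresh per message, so Ks2 can cover both M1 and M2
    return nonce + bytes(a ^ b for a, b in zip(m, _keystream(ks, nonce, len(m))))


def D(c: bytes, ks: bytes) -> bytes:
    """M = D(C, Ks)."""
    nonce, body = c[:16], c[16:]
    return bytes(a ^ b for a, b in zip(body, _keystream(ks, nonce, len(body))))


def embed(content: bytes, mark: bytes, hop: int) -> bytes:
    """Enter a watermark: write the mark bits into the LSBs of slot `hop`."""
    start = hop * MARK_BITS
    if start + MARK_BITS > len(content):
        raise ValueError("content too short for another watermark")
    out = bytearray(content)
    for i in range(MARK_BITS):
        bit = (mark[i // 8] >> (7 - i % 8)) & 1
        out[start + i] = (out[start + i] & 0xFE) | bit
    return bytes(out)


def extract(content: bytes, hop: int) -> bytes:
    mark = bytearray(MARK_BITS // 8)
    for i in range(MARK_BITS):
        mark[i // 8] |= (content[hop * MARK_BITS + i] & 1) << (7 - i % 8)
    return bytes(mark)


class DataCenter:
    def __init__(self) -> None:
        self.users = {}      # user data I -> user name
        self.scenarios = {}  # content name Tm -> registered chain of user data

    def enroll(self, name: str, info: bytes, public_key: bytes) -> bytes:
        i = user_data(info, public_key)
        self.users[i] = name
        return i

    def supply(self, tm: str, m0: bytes, i1: bytes, ks1: bytes) -> bytes:
        """Watermark M0 with the first user's data, then encrypt with Ks1."""
        self.scenarios[tm] = [i1]
        return E(embed(m0, i1, 0), ks1)

    def register_transfer(self, tm: str, i_next: bytes) -> None:
        self.scenarios[tm].append(i_next)

    def trace(self, tm: str, found: bytes):
        """Return (route, registered); the last user on the route let it out."""
        marks = []
        for hop in range(len(found) // MARK_BITS):
            mark = extract(found, hop)
            if mark not in self.users:
                break
            marks.append(mark)
        route = [self.users[m] for m in marks]
        return route, marks == self.scenarios.get(tm, [])[:len(marks)]


def run_scenario() -> dict:
    center = DataCenter()
    i1 = center.enroll("U1", b"u1@example.test", b"constructed Kb1")
    i2 = center.enroll("U2", b"u2@example.test", b"constructed Kb2")
    m0 = bytes(range(256)) * 2           # constructed 512-sample content M0
    ks1, ks2 = os.urandom(16), os.urandom(16)
    cm1ks1 = center.supply("Tm0", m0, i1, ks1)
    m1 = D(cm1ks1, ks1)                  # first user decrypts and uses M1
    ks1 = ks2                            # Ks1 abandoned: overwritten by Ks2
    cm1ks2 = E(m1, ks2)                  # the stored copy exists only under Ks2
    m2 = embed(D(cm1ks2, ks2), i2, 1)    # transfer: enter the second user's mark
    center.register_transfer("Tm0", i2)
    cm2ks2 = E(m2, ks2)
    changed = lambda m: sum(a != b for a, b in zip(m0, m))
    return {
        "copy_from_u1": center.trace("Tm0", m1),
        "copy_from_u2": center.trace("Tm0", D(cm2ks2, ks2)),
        "changed_samples": (changed(m1), changed(m2)),
        "marks_in_ciphertext": center.trace("Tm0", cm2ks2[16:])[0],
    }
```

In `run_scenario`, a plaintext copy carrying only U1's mark points at U1, while one carrying both marks points at U2, the last holder on the route; the growing count of changed samples is the added noise the summary refers to.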



Because a key used for encryption of the data content is
stored at the key center, the key center can be utilized when
a key escrow system or a key recovery system is used in a
practical application.

Further, the secret-key can be used as user data and the
secret-key is encrypted using the public-key of the data
center and this is entered as electronic watermark. By
decrypting this using the private-key of the data center when
necessary and by confirming the secret-key, it is possible to
achieve a key escrow system or a key recovery system in
simple manner but with high security.

In addition to copyright management of data content
using a charged crypt key, the present invention is also
applicable in applications such as maintenance of privacy of
participants in a video conference based on a video conference
system using a free-of-charge crypt key and also for
maintenance of security of the data content, or the maintenance
of data security in electronic data interchange (EDI)
such as electronic commerce.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a data management system
of a first embodiment of the present invention.

FIG. 2 is a block diagram of a data management system
of a second embodiment of the present invention.

FIG. 3 is a block diagram of a data management system
of a third embodiment of the present invention.

FIG. 4A represents a flow chart of processing performed
on a first user side in the data management system of a fourth
embodiment of the present invention.

FIG. 4B represents a flow chart of processing performed
on a second user side in the data management system of a
fourth embodiment of the present invention.

DETAILED DESCRIPTION OF THE
INVENTION

The present invention is a digital data management system
described with respect to copyright management. In the
following description, numerous specific details are set forth
to provide a more thorough description of the present
invention. It will be apparent, however, to one skilled in the
art, that the present invention may be practiced without these
specific details. In other instances, well known features have
not been described in detail so as not to obscure the present
invention.

The following explanation is provided to illustrate various
embodiments of the invention.

[Embodiment 1]

Description is given now on the first embodiment of the
invention referring to FIG. 1.

(1) A data management center comprises a data center and
a key center, while these may be organizations independent
from each other. At the data center in the data
management center, data content M0 of IP (information
provider) may be stored in database in advance or may be
transferred from IP each time at the request of a first user
U1.

(2) The first user U1 specifies a data content name Tm0 to
the key center, presents a user data I1 and a public-key
Kb1 of the first user, and requests the distribution of a
secret-key Ks1 for decryption and a secret-key Ks2 for
re-encryption.

As the user data, a user ID, a user E-mail address or a
secret-key generated to the request of secret-key of the user
can be used. Further, a random number prepared by the data
center as the one specific for the user can be used.

Also, it may be designed in such a manner that the data
management center combines the first user information
(having data amount of several tens of bytes in general) with
the first user public-key Kb1 (having data amount of about
one thousand bits) and obtains a first user data I1 (having
data amount of one thousand and several hundreds of bits),
and that MD5 hash value of 16 bytes, obtained by turning the
first user data I1 to hash value by MD5 hash algorithm, can
be used as the user data.

(3) The key center generates the secret-keys Ks1 and Ks2
and stores them together with the data content name Tm0,
the first user data I1 and the first user public-key Kb1, and
the secret-keys Ks1 and Ks2 are encrypted using the first
user public-key Kb1:

Cks1kb1=E(Ks1, Kb1)
Cks2kb1=E(Ks2, Kb1)

and the encrypted secret-keys Cks1kb1 and Cks2kb1 are
distributed to the first user.

(4) The first user U1 decrypts the distributed secret-keys
Cks1kb1 and Cks2kb1 for encryption using the first user
private-key Kv1:

Ks1=D(Cks1kb1, Kv1)
Ks2=D(Cks2kb1, Kv1).

The decrypted secret-keys Ks1 and Ks2 are stored in the
device. The user is not the owner of the secret-keys Ks1 and
Ks2, but the key center or the data center is the owner.
Because there may be possibility of improper use of the
secret-keys if the management of the secret-keys is made by
the user, the secret-keys Ks1 and Ks2 are automatically
stored in IC card, PCMCIA card, insert board or software
which are not under the user's control.

Here, the fee to use the data content M0 is charged. The
secret-keys Ks1 and Ks2 can be generated using the first user
data I1. If the data content name and the first user data I1 are
available, Ks1 can be generated again. Therefore, it will
suffice that the data content name Tm0, the first user data I1
and the first user public-key Kb1 are stored. The secret-keys
may be selected each time from library of the key center
instead of generating them.

Japanese Patent Laid-Open 271865/1995, filed by the
present inventor, describes a method to divide a copyright
management program and to distribute by attaching to each
data content and key.

This method can be applied to the secret-keys themselves,
and the secret-key Ks1 can be divided to partial secret-keys
Ks11 and Ks12 as:

and the secret-key Ks2 can be divided to partial secret-keys
Ks21 and Ks22 as:

Ks21+Ks22=Ks2.

The partial secret-keys Ks11 and Ks21 are distributed as
partial secret-keys, and the remaining partial secret-keys
Ks12 and Ks22 are attached to the data content and distributed.
Then, the first user cannot engage any more in the
management of the secret-keys Ks1 and Ks2.

(5) The first user U1 presents the first user data I1, specifies
the data content name Tm0, and requests the distribution
of the data content M0 to the data center.

(6) The data center transfers the first user data I1 and the data
content name Tm0 presented by the first user to the key
center and asks to transfer the secret-keys Ks1 and Ks2.

(7) The key center transfers the secret-keys Ks1 and Ks2 to
the data center.

(8) The data center encrypts the first user data I1 using the
public-key Kb0 of the data center:

Ci1kb0=E(I1, Kb0),

and the encrypted first user data Ci1kb0 is entered as an
electronic watermark Wci1kb0 to the data content M0
requested by the first user U1, and a data content M1 with
electronic watermark is edited as:

And this is further encrypted using the secret-key Ks1:

Cm1ks1=E(M1, Ks1),

to be an encrypted electronic watermarked data content
Cm1ks1. This is distributed to the first user U1 by data
communication or data broadcasting or by recording on a
medium.

The scenario of editing process of the data content M1
(information relating to electronic watermark such as the
first user data) is stored to use for verification.

As a simplified procedure, the first user data I1 may be
entered as an electronic watermark Wi1 instead of the
encrypted first user data Ci1kb0 for the electronic watermark.

(9) The first user U1 decrypts the encrypted electronic
watermarked data content Cm1ks1 using the secret-key
Ks1 for decryption:

M1=D(Cm1ks1, Ks1)

and uses it.

In this case, the secret-key Ks1 is abandoned by the
procedure such as overwriting of the secret-key Ks2 on the
secret-key Ks1.

(10) When the data content M1 is stored in the storage unit,
the data content M1 is re-encrypted using the secret-key
Ks2 for re-encryption:

Cm1ks2=E(M1, Ks2)

and it is stored as a re-encrypted data content Cm1ks2.

(11) When the first user re-uses the re-encrypted data content
Cm1ks2, the first user U1 reads the re-encrypted data
content Cm1ks2 stored in the storage unit on memory, and
decrypts it using the secret-key Ks2 and uses it. When the
first user stores the data content M1 again, the data
content M1 is re-encrypted using the secret-key Ks2 for
re-encryption, and the re-encrypted data content Cm1ks2
is stored in the storage unit.

(12) In case the first user transfers the data content M1 to a
second user U2, the first user U1 encrypts a second user
data I2 using a public-key Kb0 of the data center:

Ci2kb0=E(I2, Kb0),

enters the encrypted second user data Ci2kb0 as electronic
watermark Wci2kb0 to the data content M1 requested by the
second user U2 and edits to a data content M2 with electronic
watermark:

M2=M1+Wci2kb0=(M0+Wci1kb0)+Wci2kb0.

As a simplified procedure, the second user data I2 may be
entered as electronic watermark Wi2 instead of the
encrypted second user data Ci2kb0.

(13) After the data content M1 with electronic watermark is
edited to the data content M2 with electronic watermark,
the first user U1 transfers the scenario of editing process
of the edited data content M2, i.e., information relating to
electronic watermark such as the second user data, to the
key center and registers it. As a result, the second user can
use the data content.

(14) Further, the first user U1 encrypts the data content M2
with electronic watermark using the secret-key Ks2:

Cm2ks2=E(M2, Ks2)

and encrypted electronic watermarked data content Cm2ks2
is obtained.

(15) The first user U1 transfers the encrypted electronic
watermarked data content Cm2ks2 to the second user U2
by data communication or by copying it on a medium.

(16) The second user U2 stores the transferred encrypted
electronic watermarked data content Cm2ks2 in the storage
unit.

The second user U2 specifies the data content name Tm0
to the key center, presents a public-key Kb2 of the second
user, and requests the distribution of the secret-key Ks2 for
decryption and the secret-key Ks3 for re-encryption.

(17) The key center confirms according to the stored scenario
that the second user U2 is a valid user and generates
the secret-key Ks3 and stores it. Then, the stored secret-key
Ks2 and the generated secret-key Ks3 are encrypted
using the public-key Kb2 of the second user:

Cks2kb2=E(Ks2, Kb2)
Cks3kb2=E(Ks3, Kb2)

Then, the encrypted secret-key Cks2kb2 and the encrypted
secret-key Cks3kb2 are distributed to the second user U2.

(18) The second user U2 decrypts the encrypted secret-keys
Cks2kb2 and Cks3kb2 using a private-key Kv2 of the
second user:

Ks2=D(Cks2kb2, Kv2)
Ks3=D(Cks3kb2, Kv2).

The decrypted secret-keys Ks2 and Ks3 are stored in IC
card, PCMCIA card, insert board or software.

The secret-keys Ks2 and Ks3 at the second user are
handled and are decrypted and stored in the same manner as
the secret-keys Ks1 and Ks2 at the first user.

(19) The second user U2 reads the encrypted electronic
watermarked data content Cm2ks2 stored in the storage
unit on memory and decrypts it using the stored secret-key
Ks2:

M2=D(Cm2ks2, Ks2)

and uses it.

In this case, the secret-key Ks2 is abandoned by the
procedure such as overwriting of the secret-key Ks3 on the
secret-key Ks2.

(20) When the data content M2 is stored again in the storage
unit, the data content M2 is re-encrypted using the secret-key
Ks3 for re-encryption and is stored as the
re-encrypted data content Cm2ks3.

(21) When the second user U2 re-uses the re-encrypted data
content Cm2ks3, the re-encrypted data content Cm2ks3
stored in the storage unit is read on memory, and it is
decrypted using the secret-key Ks3 and is used.

(22) When the second user stores the data content M2 again,
the data content M2 is re-encrypted using the secret-key
Ks3 for re-encryption, and the re-encrypted data content
Cm2ks3 is stored in the storage unit.

Then, the same procedure is repeated.

The embodiment as described above is arranged under the
assumption that the distributed data content is utilized at real
time, while it may be designed in such a manner that the data
content obtained in advance and stored by the user is
decrypted later and is used.

In such a case, the first user is at the position of the second
user in the above embodiment, and a similar operation is
performed.

As it is evident from the above description, the first user
data is entered as electronic watermark in the data content
obtained by the first user by the data center.

… content, and this clears the route of copying and transfer.
When copying and transfer are repeated, noise in the data
content increases by the entered electronic watermark, and
this makes it possible to exclude and inhibit copying and
transfer, i.e. to decrease the risk of illegitimate utilization.

Because a key used for encrypting the data content is
stored at the key center, the key center can be utilized when
a key escrow system or a key recovery system is used in a
practical application.

Further, the secret-key can be used as user data, and the
secret-key is encrypted using the public-key of the data
center and this is entered as electronic watermark. By
decrypting this using the private-key of the data center when
necessary and by confirming the secret-key, it is possible to
achieve a key escrow system or a key recovery system in a
[illegible] manner.

[Embodiment 2]

Description is given now on a second embodiment of the
invention referring to FIG. 2.

(1) A data management center comprises a data center and
a key center, while these may be organizations independent
of each other.

At the data center in the data management center, a data
content M0 of IP (information provider) is stored in database
in advance or the data content M0 is transferred from IP each
time at the request of the first user U1.

[illegible] public-key Kb1
of the first user, and requests the distribution of a secret-key
Ks1 for decryption and a secret-key Ks2 for
re-encryption.

Here, the fee to use the data content M0 is charged.

As the user data, a user ID, a user E-mail address or a
secret-key generated to the request of secret-key of the user
can be used. Further, a random number prepared by the data
center as the one specific for the user can be used.

Also, it may be designed in such a manner that the data
management center combines the first user information
(having data amount of several tens of bytes in general) with
a first user public-key Kb1 (having data amount of about
1000 bits) and obtains a first user data I1 (having data
amount of one thousand and several hundreds of bits), and
that MD5 hash value of 16 bytes, obtained by turning the
first user data I1 to hash value by MD5 hash algorithm, can
be used as the user data.

(3) The key center generates the secret-keys Ks1 and Ks2
and stores them together with a data content name Tm0,
the first user data I1 and the first user public-key Kb1, and
the secret-keys Ks1 and Ks2 are encrypted using the first
user public-key Kb1:

Cks1kb1=E(Ks1, Kb1)
Cks2kb1=E(Ks2, Kb1)

and the encrypted secret-keys Cks1kb1 and Cks2kb1 are
distributed to the first user.

(4) The first user U1 decrypts the secret-keys Cks1kb1 and
Cks2kb1 thus distributed using the first user private-key
Kv1:

Therefore, if it is copied and transferred without taking a Ksi''D{Cksim,Kvi) 

normal procedure, the data center verifies the electronic Ks2=D{Cks2kbi, Kvi). 

watermark entered therein, and it is detected that the first 

user has copied and transferred it without taking a normal The decrypted secret-keys Ksl and Ks2 are stored in the 

procedure. 65 device. The user is not the owner of the secret-keys Ksl and 

When it is copied and transferred by a normal procedure, ks2, but the key center or the data center is the owner, 

electronic watermark of each user is entered in the data Because there may be possibility of improper use of the 
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secret-keys if the management of the secret-keys is made by 
the user, the secret-keys Ksl and Ks2 are automatically 
stored in IC card, PCMQA card, insert board or software 
which are not under the user's control. 

The secret-keys Ks1 and Ks2 can be generated using the first user data I1. If the data content name and the first user data I1 are available, Ks1 can be generated again. Therefore, it will suffice that the data content name Tm0, the first user data I1 and the first user public-key Kb1 are stored.

The secret-key may be selected each time from library of the key center instead of generating them.

Japanese Patent Laid-Open 271865/1995, filed by the present inventor, describes a method to divide a copyright management program and to distribute respectively together with data content and key attached thereto.

This method can be applied to the secret-keys themselves, and the secret-key Ks1 can be divided to partial secret-keys Ks11 and Ks12 as:

Ks11 + Ks12 = Ks1

and the secret-key Ks2 can be divided to secret-keys Ks21 and Ks22 as:

Ks21 + Ks22 = Ks2.

The partial secret-keys Ks11 and Ks21 are distributed as partial secret-keys, and the remaining partial secret-keys Ks12 and Ks22 are attached to the data content and distributed. Then, the first user cannot engage any more in the management of the secret-keys Ks1 and Ks2.

(5) The first user U1 presents the first user data I1, specifies the data content name Tm0, and requests the distribution of the data content M0 to the data center.

(6) The data center transfers the first user data I1 and the data content name Tm0 presented by the first user to the key center and asks to transfer the secret-keys Ks1 and Ks2.

(7) The key center transfers the secret-keys Ks1 and Ks2 to the data center.

(8) The data center encrypts the first user data I1 using the public-key Kb0 of the data center:

Ci1kb0 = E(I1, Kb0)

to an encrypted first user data Ci1kb0. The encrypted first user data Ci1kb0 is entered as an electronic watermark Wci1kb0 to the data content M0, and a data content M1 with electronic watermark is edited:

M1 = M0 + Wci1kb0

and this is further encrypted using the secret-key Ks1:

Cm1ks1 = E(M1, Ks1).

Then, encrypted electronic watermarked data content Cm1ks1 is distributed to the first user U1 by data communication or data broadcasting or by recording on a medium.

The scenario of editing process of the data content M1 (information relating to electronic watermark such as the first user data) is stored to use for verification.

As a simplified procedure, the first user data I1 may be entered as an electronic watermark Wi1 instead of the encrypted first user data Ci1kb0 for electronic watermark.

(9) The first user U1 decrypts the encrypted electronic watermarked data content Cm1ks1 using the secret-key Ks1 for decryption:

M1 = D(Cm1ks1, Ks1)

and uses it.

In this case, the secret-key Ks1 is abandoned by a procedure such as overwriting of the secret-key Ks2 on the secret-key Ks1.

(10) When the data content M1 is stored in the storage unit, the data content M1 is re-encrypted using the secret-key Ks2 for re-encryption:

Cm1ks2 = E(M1, Ks2)

and it is stored as a re-encrypted data content Cm1ks2.

(11) When the first user re-uses the re-encrypted data content Cm1ks2, the first user U1 reads the re-encrypted data content Cm1ks2 stored in the storage unit on memory, and decrypts it using the secret-key Ks2 and uses it. When the first user stores the data content M1 again, the data content M1 is re-encrypted using the secret-key Ks2 for re-encryption, and the re-encrypted data content Cm1ks2 is stored in the storage unit.

(12) In case the first user transfers the data content M1 to a second user U2, the first user U1 encrypts a second user data I2 using a public-key Kb0 of the data center:

Ci2kb0 = E(I2, Kb0),

then, enters the encrypted second user data Ci2kb0 as electronic watermark Wci2kb0 in the data content M1 requested by the second user U2, and edits to a data content M2 with electronic watermark:

M2 = M1 + Wci2kb0 = (M0 + Wci1kb0) + Wci2kb0.

As a simplified procedure, the second user data I2 may be entered as electronic watermark Wi2 instead of the encrypted second user data Ci2kb0.

(13) After the data content M1 with electronic watermark is edited to the data content M2 with electronic watermark, the first user U1 transfers the scenario of editing process of the edited data content M2 (information relating to electronic watermark such as the second user data) to the key center and registers it. As a result, the second user can use the data content.

(14) The key center stores the scenario of editing process registered by the first user, and generates a secret-key Ks3. Then, it is encrypted using the public-key Kb1 of the first user:

Cks3kb1 = E(Ks3, Kb1)

and the encrypted secret-key Cks3kb1 is distributed to the first user.

(15) The first user U1 decrypts the distributed encrypted secret-key Cks3kb1 using the private-key Kv1 of the first user:

Ks3 = D(Cks3kb1, Kv1).

(16) Further, data content M2 with electronic watermark is encrypted using the decrypted secret-key Ks3:

Cm2ks3 = E(M2, Ks3)

and encrypted electronic watermarked data content Cm2ks3 is obtained.

(17) The first user U1 transfers the encrypted electronic watermarked data content Cm2ks3 to the second user U2 by data communication or by copying it on a medium.

(18) The second user U2 stores the transferred encrypted electronic watermarked data content Cm2ks3 in the storage unit.

The second user U2 specifies the data content name Tm0 to the key center, presents the public-key Kb2 of the second user, and requests the distribution of the secret-key Ks3 for decryption and a secret-key Ks4 for re-encryption.

(19) The key center confirms according to the stored scenario that the second user U2 is a valid user and generates the secret-key Ks4 and stores it. Then, the secret-key Ks4 and the stored secret-key Ks3 are encrypted using the public-key Kb2 of the second user:

Cks3kb2 = E(Ks3, Kb2)
Cks4kb2 = E(Ks4, Kb2)

and the encrypted secret-keys Cks3kb2 and Cks4kb2 are distributed to the second user.

(20) The second user U2 decrypts the encrypted secret-keys Cks3kb2 and Cks4kb2 using the private-key Kv2 of the second user:

Ks3 = D(Cks3kb2, Kv2)
Ks4 = D(Cks4kb2, Kv2)

and the decrypted secret-keys Ks3 and Ks4 are stored in IC card, PCMCIA card, insert board or software.

The secret-keys Ks3 and Ks4 at the second user are handled in the same manner as the secret-keys Ks1 and Ks2 at the first user.

(21) The second user U2 reads the encrypted electronic watermarked data content Cm2ks3 stored in the storage unit on memory and decrypts it using the stored secret-key Ks3:

M2 = D(Cm2ks3, Ks3)

and uses it.

Here, the secret-key Ks3 is abandoned by a procedure such as overwriting of the secret-key Ks4 on the secret-key Ks3.

(22) When the data content M2 is stored again in the storage unit, the data content M2 is re-encrypted using the secret-key Ks4 for re-encryption and is stored as a re-encrypted data content Cm2ks4.

(23) In case the second user U2 re-uses the re-encrypted data content Cm2ks4, the re-encrypted data content Cm2ks4 stored in the storage unit is read on memory, and it is decrypted using the secret-key Ks4 and is used.

(24) Further, when the second user stores the data content M2 again, the data content M2 is re-encrypted using the secret-key Ks4 for re-encryption, and the re-encrypted data content Cm2ks4 is stored in the storage unit.

Then, the same procedure is repeated.

The embodiment as described above is arranged under the assumption that the distributed data content is utilized in real time, while it may be designed in such a manner that the data content obtained in advance and stored by the user is decrypted later and is used.

In such a case, the first user is at the position of the second user in the above embodiment, and a similar operation is performed.

As it is evident from the above description, the first user data is entered as electronic watermark in the data content obtained by the first user by the data center.

Therefore, if it is copied and transferred without taking a normal procedure, the data center verifies the electronic watermark entered therein, and it is detected that the first user has copied and transferred it without taking a normal procedure.

When it is copied and transferred by a normal procedure, electronic watermark of each user is entered on the data content, and this clears the route of copying and transfer. When copying and transfer are repeated, noise in the data content increases by the entered electronic watermark, and this makes it possible to exclude and inhibit copying and transfer, i.e. to decrease the risk of illegitimate utilization.

Because a key used for encrypting the data content is stored at the key center, the key center can be utilized when a key escrow system or a key recovery system is used in a practical application.

Further, the secret-key can be used as user data, and the secret-key is encrypted using the public-key of the data center and this is entered as electronic watermark. By decrypting this using the private-key of the data center when necessary and by confirming the secret-key, it is possible to achieve a key escrow system or a key recovery system in simple manner but with high security.
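The key center's side of this embodiment, steps (2) to (4) and (13) to (20), can be followed in the added example below, which is not code from the patent. The textbook-RSA wrapper built from Mersenne primes is a constructed toy standing in for E and D under Kb/Kv, user data is taken as the MD5 of user information plus public key as the text allows, and matching a requester to the registered scenario through that hash is an assumption.

```python
import hashlib
import secrets


def make_keypair(p, q, e=65537):
    """Toy textbook RSA (no padding, tiny modulus): returns (Kb, Kv)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)


def E(ks, kb):
    """Cks_kb = E(Ks, Kb): wrap a 16-byte secret-key under a public key."""
    n, e = kb
    return pow(int.from_bytes(ks, "big"), e, n)


def D(cks, kv):
    """Ks = D(Cks_kb, Kv): unwrap with the matching private key."""
    n, d = kv
    return pow(cks, d, n).to_bytes(16, "big")


def user_data(info, kb):
    """I = MD5(user information || public key), the 16-byte option in the text."""
    n, e = kb
    return hashlib.md5(info + n.to_bytes(32, "big") + e.to_bytes(4, "big")).digest()


class KeyCenter:
    def __init__(self):
        self.holders = {}    # (Tm, I) -> keys and public key of each valid user
        self.scenarios = {}  # (Tm, I of next user) -> key the transferred copy uses

    def issue_first(self, tm, info, kb):
        """Steps (2)-(3): generate and store Ks1/Ks2, return them wrapped."""
        i1 = user_data(info, kb)
        ks1, ks2 = secrets.token_bytes(16), secrets.token_bytes(16)
        self.holders[(tm, i1)] = {"kb": kb, "dec": ks1, "re": ks2}
        return E(ks1, kb), E(ks2, kb)

    def register_scenario(self, tm, i_from, i_to):
        """Steps (13)-(14): a current holder names the next user; Ks3 is made."""
        holder = self.holders.get((tm, i_from))
        if holder is None:
            raise PermissionError("scenario from a user who holds no keys")
        ks3 = secrets.token_bytes(16)
        self.scenarios[(tm, i_to)] = ks3
        return E(ks3, holder["kb"])

    def issue_transfer(self, tm, info, kb):
        """Steps (18)-(19): release Ks3 and a new Ks4 only if a scenario matches."""
        i2 = user_data(info, kb)
        ks3 = self.scenarios.get((tm, i2))
        if ks3 is None:
            raise PermissionError("no registered scenario for this user")
        ks4 = secrets.token_bytes(16)
        self.holders[(tm, i2)] = {"kb": kb, "dec": ks3, "re": ks4}
        return E(ks3, kb), E(ks4, kb)


def demo():
    # Constructed key pairs and user information, for illustration only.
    kb1, kv1 = make_keypair(2**127 - 1, 2**89 - 1)
    kb2, kv2 = make_keypair(2**107 - 1, 2**61 - 1)
    kb3, _ = make_keypair(2**127 - 1, 2**61 - 1)
    kc, tm0 = KeyCenter(), b"Tm0"

    c1, _ = kc.issue_first(tm0, b"user1@example.com", kb1)
    i1 = user_data(b"user1@example.com", kb1)
    i2 = user_data(b"user2@example.com", kb2)
    ks3_at_u1 = D(kc.register_scenario(tm0, i1, i2), kv1)
    c3, c4 = kc.issue_transfer(tm0, b"user2@example.com", kb2)

    try:  # a third party claims U2's identity but has to present its own key
        kc.issue_transfer(tm0, b"user2@example.com", kb3)
        impostor = "served"
    except PermissionError:
        impostor = "refused"
    return {
        "ks1_matches": D(c1, kv1) == kc.holders[(tm0, i1)]["dec"],
        "ks3_shared": D(c3, kv2) == ks3_at_u1,
        "ks4_new": D(c4, kv2) != ks3_at_u1,
        "impostor": impostor,
    }
```

Because the scenario is keyed by a hash that covers the public key, the released keys are always wrapped under the key the first user vouched for.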
[Embodiment 3] 

Description is given below on a third embodiment of the 
invention referring to FIG. 3. 

(1) Unlike the first and the second embodiments, the data center and the key center in this embodiment are arranged in such a manner that they are a single data management center when seen from the user.

The data management center stores the data content M0 of IP (information provider) in database in advance or the data content M0 is transferred from IP each time at the request of the first user U1.

(2) The first user U1 specifies a data content name Tm0 to the data management center, presents a user data I1 and a public-key Kb1 of the first user, and requests the distribution of the data content M0 and secret-keys Ks1 and Ks2.

As the user data, a user ID, a user E-mail address or a secret-key generated to the request of secret-key of the user can be used. Further, a random number prepared by the data center as the one specific for the user can be used.

Also, it may be designed in such a manner that the data management center combines the first user information (having data amount of several tens of bytes in general) with a first user public-key Kb1 (having data amount of about 1000 bits) and obtains a first user data I1 (having data amount of one thousand and several hundreds of bits), and that MD5 hash value of 16 bytes, obtained by turning the first user data I1 to hash value by MD5 hash algorithm, can be used as the user data.

(3) The data management center generates the secret-keys Ks1 and Ks2 and encrypts the first user data I1 using the public-key Kb0 of the data center:

Ci1kb0 = E(I1, Kb0)

to the encrypted first user data Ci1kb0. The encrypted first user data Ci1kb0 is entered in the data content M0 requested by the first user U1 as an electronic watermark Wci1kb0:

M1 = M0 + Wci1kb0.

Then, a data content M1 with electronic watermark is edited. The data content M1 with electronic watermark is encrypted using the secret-key Ks1:

Cm1ks1 = E(M1, Ks1)

to encrypted electronic watermarked data content Cm1ks1.

(4) The data management center stores the generated secret-keys Ks1 and Ks2 together with the data content name Tm0, the first user data I1 and the first user public-key Kb1 and encrypts the secret-keys Ks1 and Ks2 using the public-key Kb1 of the first user:

Cks1kb1 = E(Ks1, Kb1)
Cks2kb1 = E(Ks2, Kb1).

Then, the two encrypted secret-keys and the encrypted electronic watermarked data content Cm1ks1 are distributed to the first user U1 by data communication or data broadcasting or by recording it on a medium.

The scenario of the editing process of the data content M1 (information relating to electronic watermark such as the first user data) is stored to use for verification.

As a simplified procedure, the first user data I1 may be entered as electronic watermark Wi1 instead of the encrypted first user data Ci1kb0.

(5) The first user U1 decrypts the encrypted secret-keys Cks1kb1 and Cks2kb1 thus distributed using the first user private-key Kv1:

Ks1 = D(Cks1kb1, Kv1)
Ks2 = D(Cks2kb1, Kv1)

and the decrypted secret-keys Ks1 and Ks2 are stored in the device. The user is not the owner of the secret-keys Ks1 and Ks2, but the key center or the data center is the owner. Because there may be possibility of improper use of the secret-keys if the management of the secret-keys is made by the user, the secret-keys Ks1 and Ks2 are automatically stored in IC card, PCMCIA card, insert board or software which are not under user's control.

Here, the fee to use the data content M0 is charged.

The secret-keys Ks1 and Ks2 can be generated using the first user data I1. If the data content name and the first user data I1 are available, Ks1 can be generated again. Therefore, it will suffice that the data content name Tm0 and the first user data I1 are stored.

The secret-key may be selected each time from library of the key center instead of generating them.

Japanese Patent Laid-Open 271865/1995, filed by the present inventor, describes a method to divide a copyright management program and to distribute respectively together with data content and key attached thereto.

This method can be applied to the secret-keys themselves, and the secret-key Ks1 can be divided to partial secret-keys Ks11 and Ks12 as:

Ks11 + Ks12 = Ks1

and the secret-key Ks2 can be divided to partial secret-keys Ks21 and Ks22 as:

Ks21 + Ks22 = Ks2.

The partial secret-keys Ks11 and Ks21 are distributed as partial secret-keys, and the remaining partial secret-keys Ks12 and Ks22 are attached to the data content and distributed. Then, the first user cannot engage any more in the management of the secret-keys Ks1 and Ks2.

(6) The first user U1 decrypts the encrypted electronic watermarked data content Cm1ks1 using the secret-key Ks1 for decryption:

M1 = D(Cm1ks1, Ks1)

and uses it.

In this case, the secret-key Ks1 is abandoned by a procedure such as overwriting of the secret-key Ks2 on the secret-key Ks1.

(7) When the data content M1 is stored in the storage unit, the data content M1 is re-encrypted using the secret-key Ks2 for re-encryption:

Cm1ks2 = E(M1, Ks2)

and it is stored as a re-encrypted data content Cm1ks2.

(8) When the first user re-uses the re-encrypted data content Cm1ks2, the first user U1 reads the re-encrypted data content Cm1ks2 stored in the storage unit on memory, and decrypts it using the secret-key Ks2 and uses it. When the first user stores the data content M1 again, the data content M1 is re-encrypted using the secret-key Ks2 for re-encryption, and the re-encrypted data content Cm1ks2 is stored in the storage unit.

(9) In case the first user transfers the data content M1 to a second user U2, the first user U1 encrypts a second user data I2 using a public-key Kb0 of the data center:

Ci2kb0 = E(I2, Kb0).

Then, the encrypted second user data Ci2kb0 is entered as electronic watermark Wci2kb0 in the data content M1 requested by the second user U2:

M2 = M1 + Wci2kb0 = (M0 + Wci1kb0) + Wci2kb0

and a data content M2 with electronic watermark is edited.

As a simplified procedure, the second user data I2 may be entered as electronic watermark Wi2 instead of the encrypted second user data Ci2kb0.

(10) After editing to the data content M2 with electronic watermark, the first user U1 transfers the scenario of the editing process of the edited data content M2 (information relating to electronic watermark such as the second user data) to the data management center and registers it. As a result, it is possible to utilize the data content of the second user.

(11) Further, the first user U1 encrypts the data content M2 with electronic watermark using the secret-key Ks2:

Cm2ks2 = E(M2, Ks2)

and encrypted electronic watermarked data content Cm2ks2 is obtained.

(12) The first user transfers the encrypted electronic watermarked data content Cm2ks2 to the second user U2 by data communication or by copying it on a medium.

(13) The user U2 stores the transferred encrypted electronic watermarked data content Cm2ks2 in the storage unit.

The second user U2 specifies the data content name Tm0 to the data management center, presents the public-key Kb2 of the second user, and requests the distribution of the secret-key Ks2 for decryption and the secret-key Ks3 for re-encryption.

(14) The data management center confirms according to the stored scenario that the second user U2 is a valid user and generates the secret-key Ks3 and stores it. Then, the stored secret-key Ks2 and the generated secret-key Ks3 are encrypted using the public-key Kb2 of the second user:

Cks2kb2 = E(Ks2, Kb2)
Cks3kb2 = E(Ks3, Kb2).

Then, the encrypted secret-keys Cks2kb2 and Cks3kb2 are distributed to the second user.

(15) The second user U2 decrypts the encrypted secret-keys Cks2kb2 and Cks3kb2 using the private-key Kv2 of the second user:

Ks2 = D(Cks2kb2, Kv2)
Ks3 = D(Cks3kb2, Kv2).

The decrypted secret-keys Ks2 and Ks3 are stored in IC card, PCMCIA card, insert board or software.

The secret-keys Ks2 and Ks3 at the second user are handled, and decrypted and stored in the same manner as the secret-keys Ks1 and Ks2 at the first user.

(16) The second user U2 reads the encrypted electronic watermarked data content Cm2ks2 stored in the storage unit on memory and decrypts it using the stored secret-key Ks2:

M2 = D(Cm2ks2, Ks2)

and uses it.

In this case, the secret-key Ks2 is abandoned by a procedure such as overwriting of the secret-key Ks3 on the secret-key Ks2.

(17) When the data content M2 is stored again in the storage unit, the data content M2 is re-encrypted using the secret-key Ks3 for re-encryption, and it is stored as the re-encrypted data content Cm2ks3.

(18) When the second user U2 re-uses the re-encrypted data content Cm2ks3, the re-encrypted data content Cm2ks3 stored in the storage unit is read on memory, and it is decrypted using the secret-key Ks3 and is used.

(19) Further, when the second user stores the data content M2 again, the data content M2 is re-encrypted using the secret-key Ks3 for re-encryption, and the re-encrypted data content Cm2ks3 is stored in the storage unit.

Then, the same procedure is repeated.

The embodiment as described above is arranged under the assumption that the distributed data content is utilized in real time, while it may be designed in such a manner that the data content obtained in advance and stored by the user is decrypted later and is used.

In such a case, the first user is at the position of the second user in the above embodiment, and a similar operation is performed.

As it is evident from the above description, the first user data is entered as electronic watermark in the data content obtained by the first user by the data center.

Therefore, if it is copied and transferred without taking a 
normal procedure, the data center verifies the electronic 
watermark entered therein, and it is detected that the first 
user has copied and transferred it without taking a normal 
procedure. 

When it is copied and transferred by a normal procedure, 
electronic watermark of each user is entered in the data 
content, and this clears the route of copying and transfer. 
When copying and transfer are repeated, noise in the data 
content increases by the entered electronic watermark, and 
this makes it possible to exclude and inhibit copying and 
transfer, i.e. to decrease the risk of illegitimate utilization. 

Because a key used for encrypting the data content is 
stored at the data management center, the data management 
center can be utilized when a key escrow system or a key 
recovery system is used in a practical application. 
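The key regeneration and key division described in step (5) of this embodiment and step (4) of the second embodiment can be made concrete as follows. This is an added example, not code from the patent: deriving keys with HMAC-SHA-256 under a master secret held by the center, and reading the "+" in Ks11 + Ks12 = Ks1 as bytewise XOR, are assumptions, since the text names neither operation.

```python
import hashlib
import hmac
import secrets


def derive_key(master, tm, user_data, label):
    """Regenerable secret-key: HMAC(master, label | Tm | I), cut to 16 bytes.

    The master secret never leaves the center. Without it, anyone who knows
    the content name and the user data could recompute the key.
    """
    msg = b"".join(len(x).to_bytes(2, "big") + x for x in (label, tm, user_data))
    return hmac.new(master, msg, hashlib.sha256).digest()[:16]


def split_key(ks):
    """Divide Ks into two partial keys; either one alone is uniformly random."""
    part_a = secrets.token_bytes(len(ks))
    part_b = bytes(x ^ y for x, y in zip(ks, part_a))
    return part_a, part_b


def join_key(part_a, part_b):
    """Recombine the partial keys: Ks = part_a XOR part_b."""
    if len(part_a) != len(part_b):
        raise ValueError("partial keys must have equal length")
    return bytes(x ^ y for x, y in zip(part_a, part_b))


def demo():
    # Constructed sample values: master secret, content name, user data.
    master = hashlib.sha256(b"constructed center master secret").digest()
    tm0 = b"Tm0"
    i1 = hashlib.md5(b"user1@example.com" + b"<constructed Kb1 bytes>").digest()
    i_other = hashlib.md5(b"user2@example.com" + b"<constructed Kb2 bytes>").digest()

    ks1 = derive_key(master, tm0, i1, b"Ks1")
    ks2 = derive_key(master, tm0, i1, b"Ks2")
    # Only (Tm0, I1) needs to be stored; the key is rebuilt on demand.
    regenerated = derive_key(master, tm0, i1, b"Ks1")

    # Ks11 goes to the user as a partial key, Ks12 travels with the content.
    ks11, ks12 = split_key(ks1)
    return {
        "ks1": ks1,
        "ks2": ks2,
        "regenerated": regenerated,
        "other_user": derive_key(master, tm0, i_other, b"Ks1"),
        "rejoined": join_key(ks11, ks12),
        "share_is_key": ks11 == ks1 or ks12 == ks1,
    }
```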
[Embodiment 4] 

Description is given now on the fourth embodiment of the invention referring to FIG. 4A and FIG. 4B.

Unlike the first to the third embodiments, which relate to the data management system as a whole, the fourth embodiment is directed to data management operation on the user side. The flow chart shown in FIG. 4A represents an example of operation performed on a first user side, and the flow chart shown in FIG. 4B represents an example of operation on a second user side.

In this embodiment, the data management program is 
arranged as an object program, and the user data and the 
secret-key are stored as instance variables in the slot of the 
object. 

(1) The first user U1 obtains an encrypted data content Cm0ks1 which is obtained through encrypting the data content M0 using a first secret-key Ks1. The encrypted data content can be obtained via a network, by data broadcasting, or via a recording medium.

(2) When the encrypted data content Cm0ks1 is obtained, the first user U1 obtains the data management program object where first secret-key Ks1 is stored in the slot as instance variable, from the data management center. The data management program object may be provided via the network, but it is desirable to supply it by storing in an IC card or the like for security purpose.

(3) The first user data I1 is stored as instance variable in the slot of the data management program object.

(4) It is confirmed that the first user data I1 has been stored in the data management program object.

If not stored, the procedure of (3) above to store the first user data I1 to the data management program object is repeated.

(5) A pattern of electronic watermark W1 is generated based on the first user data I1 by the data management program.

(6) The first user U1 decrypts the encrypted data content Cm0ks1 using the first secret-key Ks1:

M0 = D(Cm0ks1, Ks1).

The decrypted data content M0 is edited by promptly entering the electronic watermark W1, and the data content M0 is edited to a data content M1.

(7) A second secret-key is generated by the data management program.

(8) By overwriting the generated second secret-key on the first secret-key, the first secret-key Ks1 is abandoned, and the second secret-key Ks2 is stored.

(9) After the above procedure has been completed, the data content M1 is utilized.

The data content to be utilized is not the data content M0 obtained from the data management center, but it is the data content M1 where the user data I1 of the first user U1 is entered as electronic watermark. However, the electronic watermark gives no change to external appearance, and it can be used without any trouble.

(10) When the data content M1 used by the first user U1 is to be stored in the storage unit, the data content M1 is first encrypted using the second secret-key Ks2 by the data management program:

Cm1ks2 = E(M1, Ks2).

(11) Then, it is confirmed whether the data content M1 to be stored has been turned to the encrypted data content Cm1ks2 or not. In case it is not encrypted, the data content is not stored, and it goes back to the step in (9) above.

(12) When it is confirmed that the data content to be stored is the encrypted data content Cm1ks2, the encrypted data content Cm1ks2 is stored in the storage unit.

(13) In case the first user U1 re-uses the encrypted data content Cm1ks2 without copying and transferring to the second user U2,

(14) the encrypted data content Cm1ks2 stored in the storage unit is read,

(15) the encrypted data content Cm1ks2 is decrypted using the second secret-key Ks2 by the data management program:

M1 = D(Cm1ks2, Ks2), and

(16) the decrypted data content M1 is used.

(17) When the first user U1 stores the re-used data content M1 to the storage unit, the data content M1 is first re-encrypted using the second secret-key Ks2 by the data management program and is stored.

(18) In case the first user U1 copies and transfers the encrypted data content Cm1ks2 to the second user U2, the encrypted data content Cm1ks2 is transferred by copying it on a recording medium or via the network.

(19) The second user U2 obtains the encrypted data content Cm1ks2 via the network or via the recording medium.

(20) When the encrypted data content Cm1ks2 is obtained, the second user U2 obtains the data management program object where the second secret-key Ks2 is stored in the slot as instance variable, from the data management center. The data management program object may be provided via the network but it is desirable to supply it by storing in an IC card or the like for security purpose.

(21) The second user data I2 is stored as instance variable in the slot of the data management program object.

(22) It is confirmed that the second user data I2 has been stored in the data management program object.

If not stored, the procedure in (21) above to store the second user data I2 to the data management program object is repeated.

(23) By the data management program, a pattern of electronic watermark W2 based on the second user data I2 is generated.

(24) The second user U2 decrypts the encrypted data content Cm1ks2 using the second secret-key Ks2:

M1 = D(Cm1ks2, Ks2).

The decrypted data content M1 is edited by promptly entering the electronic watermark W2, and the data content M1 is edited to a data content M2.

(25) A third secret-key is generated by the data management program.

(26) By overwriting the generated third secret-key on the second secret-key, the second secret-key Ks2 is abandoned, and the third secret-key Ks3 is stored.

(27) After the above procedure has been completed, the data content M2 is utilized.

The data content to be utilized is not the data content M0 obtained from the data management center, but it is the data content M2 where the data I2 of the second user U2 is entered as electronic watermark. However, the electronic watermark gives no change to external appearance, and it can be used without any trouble.

By overwriting the electronic watermark W2 on the electronic watermark W1, such as only W2 is entered in the data content M2, it is possible to design in such a manner that a single electronic watermark is entered at all times and it is only the electronic watermark of the final user data. Or else, such as the electronic watermark W2 may be written at the same time without overwriting on the electronic watermark W1 in the data content M2, it is also possible that the electronic watermarks entered increase and these are the electronic watermarks of all of the user data.

(28) When the data content M2 used by the second user U2 is to be stored in the storage unit, the data content M2 is first encrypted using the third secret-key Ks3 by the data management program:

Cm2ks3 = E(M2, Ks3).

(29) Then, it is confirmed whether the data content M2 to be stored has been turned to the encrypted data content Cm2ks3 or not. If it is not encrypted, the data content is not stored, and it goes back to the step of (27).

(30) When it is confirmed that the data content to be stored is the encrypted data content Cm2ks3, the encrypted data content Cm2ks3 is stored in the storage unit.

(31) In case the second user U2 re-uses the encrypted data content Cm2ks3 without copying and transferring it to the third user U3,

(32) the encrypted data content Cm2ks3 stored in the storage unit is read,

(33) the encrypted data content Cm2ks3 is decrypted using the third secret-key Ks3 by the data management program:

M2 = D(Cm2ks3, Ks3), and

(34) the decrypted data content M2 is utilized.

(35) When the second user U2 stores the re-used data content M2 in the storage unit, the data content M2 is first re-encrypted by the data management program using the third secret-key Ks3 and is stored.

(36) In case the second user U2 copies and transfers the encrypted data content Cm2ks3 to the third user U3, the encrypted data content Cm2ks3 is copied on a recording medium or is provided via the network.

Then, the same procedure is repeated. 
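The user-side object of this embodiment, with its key slot, its watermark-before-use rule and its encrypt-before-store check, is modelled in the added example below, which is not code from the patent. The XOR keystream cipher, the least-significant-bit watermark written into one 128-byte slot per user, and the key schedule in which the next key is a hash of the current one (so that the center can issue Ks2 to the second user) are all assumptions; the accumulating-watermark variant is the one shown.

```python
import hashlib

SLOT = 128  # content bytes used per 16-byte (128-bit) watermark


def cipher(data, key):
    """Toy E/D, its own inverse: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


def next_key(key):
    """Assumed key schedule Ks(n+1) = H(Ks(n)), so the center can follow it."""
    return hashlib.sha256(b"next" + key).digest()[:16]


def embed(content, user_data, slot):
    """Write user_data bit by bit into the LSBs of one 128-byte slot."""
    if len(content) < (slot + 1) * SLOT:
        raise ValueError("content too short for this watermark slot")
    out = bytearray(content)
    for i in range(SLOT):
        bit = (user_data[i // 8] >> (7 - i % 8)) & 1
        out[slot * SLOT + i] = (out[slot * SLOT + i] & 0xFE) | bit
    return bytes(out)


def extract(content, slot):
    bits = [b & 1 for b in content[slot * SLOT:(slot + 1) * SLOT]]
    return bytes(int("".join(map(str, bits[j:j + 8])), 2) for j in range(0, SLOT, 8))


class DataManagementObject:
    """User-side program object; key and user data live in its slots."""

    def __init__(self, key, hop):
        self._key = key          # slot: secret-key currently in force
        self._user_data = None   # slot: user data, filled in by the user
        self._hop = hop          # which watermark slot this user writes

    def set_user_data(self, user_data):
        self._user_data = user_data

    def first_use(self, ciphertext):
        """Steps (4)-(8): decrypt, watermark at once, roll the key forward."""
        if self._user_data is None:
            raise RuntimeError("user data not stored; decryption refused")
        content = embed(cipher(ciphertext, self._key), self._user_data, self._hop)
        self._key = next_key(self._key)   # old key overwritten, i.e. abandoned
        return content

    def store(self, content, storage):
        """Steps (10)-(12): only a verified ciphertext reaches the storage unit."""
        ct = cipher(content, self._key)
        if ct == content or cipher(ct, self._key) != content:
            raise RuntimeError("content not encrypted; storing refused")
        storage.append(ct)
        return ct

    def reuse(self, ciphertext):
        """Steps (13)-(16): decrypt a stored copy with the current key."""
        return cipher(ciphertext, self._key)


def trace_route(leaked, registry):
    """Center side: read watermark slots in order and name the users found."""
    route = []
    for slot in range(len(leaked) // SLOT):
        user = registry.get(extract(leaked, slot))
        if user is None:
            break
        route.append(user)
    return route


def demo():
    m0 = bytes(range(256)) * 2                         # constructed content
    ks1 = hashlib.sha256(b"constructed Ks1").digest()[:16]
    i1 = hashlib.md5(b"constructed user 1").digest()   # 16-byte user data
    i2 = hashlib.md5(b"constructed user 2").digest()
    registry = {i1: "U1", i2: "U2"}
    obj1 = DataManagementObject(ks1, hop=0)
    obj1.set_user_data(i1)
    m1 = obj1.first_use(cipher(m0, ks1))
    cm1ks2 = obj1.store(m1, [])
    obj2 = DataManagementObject(next_key(ks1), hop=1)  # issued by the center
    obj2.set_user_data(i2)
    m2 = obj2.first_use(cm1ks2)
    return {
        "max_change": max(abs(a - b) for a, b in zip(m0, m2)),
        "reuse_ok": obj1.reuse(cm1ks2) == m1,
        "old_key_gone": obj1.reuse(cipher(m0, ks1)) != m0,
        "route_m1": trace_route(m1, registry),
        "route_m2": trace_route(m2, registry),
    }
```

A plaintext copy that escapes at either user still carries the user data of every holder up to that point, which is what lets the center name the route.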

The first to the fourth embodiments as described above 
represent the cases where illegitimate use of the data under 
control of the data management center is prevented, i.e. a 
charged key is used for a charged data. 

However, in the arrangement as described above, by
replacing the data management center with the host of a video
conference, the first user with a guest of the video conference,
and the second and subsequent users with observers of the
video conference, it is possible, when applied to a video
conference system, to prevent leakage of the content of the
conference.

Similarly, in the application for a digital cash system, by 
replacing the data management center with a client side 
bank, the first user with a client, and the second user with a 
shop, it is possible to improve security in the digital cash 
system. 

In the system as described above, each user who is to
utilize the system must be registered at the data management
center in advance. At the time of registration, the data
management program is provided to the users.

In the present invention, to utilize the data M, the first
secret-key Ks1, the second secret-key Ks2 and the data
management program are transferred to each user, and each
user must store them.

As the place to store them, it is ideal to use an IC card now
being propagated, in which an IC element is encapsulated in
a card-like container, or in particular, to use a PC card in which
a microprocessor is encapsulated.

Also, it is possible to design in such a manner that the data 
management program serves as an agent on the data man- 
agement center side so that utilization status, transfer status, 
etc. of the data content are automatically reported when the 
user sends a request to use to the data management center. 

It is understood that particular embodiments described 
herein are illustrative and the present invention is not limited 
to these particular embodiments. It will be apparent to those
skilled in the art that changes can be made in the various
details described herein without departing from the scope of
the invention. The present invention is defined by the claims
and their full scope of equivalents.
I claim: 

1. A data management method comprising: 

entering first user data as a first electronic watermark to 
first data content by a data management center; 

encrypting the first data content by the data management 
center using a first secret key; 

distributing the encrypted first data content from the data 
management center to a first user; 

distributing the first secret key and a second secret key 
from the data management center to the first user, the 
first and second secret keys being different from each 
other; 

decrypting the encrypted first data content by the first user 
using the first secret key;

entering second user data as a second electronic water- 
mark to the first data content by the first user before 
transferring the first data content from the first user to 
a second user; and 

re-encrypting the first data content by the first user using
the second secret key before storing, copying, or trans- 
ferring the first data content by the first user. 

2. A data management method according to claim 1, 
further comprising: 

encrypting the first and second secret keys by the data 
management center using a public key of the first user 
before distributing the first and second secret keys to 
the first user; and 

decrypting the first and second secret keys by the first user 
using a private key of the first user before decrypting 
the encrypted first data content using the first secret 
key. 

3. A data management method according to claim 1, 
wherein the secret keys are generated by the data manage- 
ment center. 

4. A data management method according to claim 1, 
wherein the first and second secret keys are generated by the 
data management center based on the first user data. 

5. A data management method according to claim 1, 
wherein the secret keys are selected by the data management 
center from a key library at the data management center. 

6. A data management method according to claim 1, 
wherein each of the secret keys is divided into corre- 
sponding partial secret keys, 

wherein one of the partial secret keys corresponding to the 
first secret key and one of the partial secret keys 
corresponding to the second secret key are distributed 
to the first user, 

wherein another one of the partial secret keys corresponding
to the first secret key and another one of the partial
secret keys corresponding to the second secret key are 
attached to the first data content. 

7. A data management method according to claim 1, 
wherein after said decrypting by the first user using the
first secret key, the first secret key is abandoned by the 
first user by overwriting the first secret key with the 
second secret key. 

8. A data management method according to claim 1, 
wherein the secret keys are stored at the data management
center to provide a key escrow system by the data manage- 
ment center. 



9. A data management method according to claim 1, 
wherein the secret keys are stored at the data management 
center to provide a key recovery system by the data man- 
agement center. 

10. A data management method according to claim 1, 
further comprising: 

editing the first data content by the first user to produce 
edited data content represented by the first data content 
and a scenario, the scenario being an editing process on 
the first data content; 

registering the scenario with the data management center; 

distributing a third secret key from the data management 
center to the first user upon registration of the scenario, 
the third secret key being different from the first and 
second secret keys; and 

encrypting the edited data content by the first user using 
the third secret key before storing, copying, or trans- 
ferring the edited data content by the first user. 

11. A data management method comprising: 

entering first user data as a first electronic watermark to 
first data content by a data management center; 

encrypting the first data content by the data management 
center using a first secret key; 

distributing the encrypted first data content from the data 
management center to a first user; 

distributing the first secret key and a second secret key 
from the data management center to the first user, the 
first and second secret keys being different from each 
other; 

decrypting the encrypted first data content by the first user 
using the first secret key; 

entering second user data as a second electronic water- 
mark to the first data content by the first user before 
transferring the first data content from the first user to
a second user; 

re-encrypting the first data content by the first user using 
the second secret key before storing, copying, or trans- 
ferring the first data content by the first user; 

requesting the data management center for access to the 
re-encrypted first data content by the second user; 

distributing the second secret key and a third secret key to 
the second user, the second and third secret keys being 
different from each other; 

decrypting the re-encrypted first data content by the 
second user using the second secret key; and 

re-encrypting the decrypted first data content by the 
second user using the third secret key before storing, 
copying, or transferring the first data content by the 
second user. 

12. A data management method according to claim 11, 
further comprising: 

encrypting the first and second secret keys by the data 
management center using a public key of the first user 
before distributing the first and second secret keys to 
the first user; 

decrypting the first and second secret keys by the first user 
using a private key of the first user before decrypting 
the encrypted first data content using the first secret 
key; 

encrypting the second and third secret keys by the data 
management center using a public key of the second 
user before distributing the second and third secret keys 
to the second user; and 

decrypting the second and third secret keys by the second 
user using a private key of the second user before 
decrypting the re-encrypted first data content using the
second secret key. 

13. A data management method according to claim 11, 
wherein the secret keys are generated by the data management
center.

14. A data management method according to claim 11, 
wherein the first and second secret keys are generated by the 
data management center based on the first user data, and the
third secret key is generated by the data management center
based on the second user data.

15. A data management method according to claim 11, 
wherein the secret keys are selected by the data management 
center from a key library at the data management center. 

16. A data management method according to claim 11, 
wherein each of the secret keys is divided into corresponding
partial secret keys,

wherein one of the partial secret keys corresponding to the 
first secret key and one of the partial secret keys 
corresponding to the second secret key are distributed 
to the first user, 

wherein another one of the partial secret keys correspond- 
ing to the first secret key and another one of the partial 
secret keys corresponding to the second secret key are 
attached to the first data content. 

17. A data management method according to claim 11, 
wherein after said decrypting by the first user using the
first secret key, the first secret key is abandoned by the
first user by overwriting the first secret key with the
second secret key, and
wherein after said decrypting by the second user using the 
second secret key, the second secret key is abandoned 
by the second user by overwriting the second secret key 
with the third secret key. 

18. A data management method according to claim 11,
wherein the secret keys are stored at the data management 
center to provide a key escrow system by the data manage- 
ment center. 

19. A data management method according to claim 11, 
wherein the secret keys are stored at the data management
center to provide a key recovery system by the data man- 
agement center. 

20. A data management method comprising:

entering first user data as a first electronic watermark to
first data content by a data management center;

encrypting the first data content by the data management
center using a first secret key;

distributing the encrypted first data content from the data
management center to a first user;

distributing the first secret key and a second secret key
from the data management center to the first user, the
first and second secret keys being different from each
other;

decrypting the encrypted first data content by the first user
using the first secret key; 

editing the first data content by the first user to produce 
edited data content; 

entering second user data as a second electronic water- 
mark to the edited data content by the first user before 
transferring the edited data content from the first user to 
a second user; and 

re-encrypting the first data content by the first user using 
the second secret key before storing, copying, or transferring
the first data content by the first user.

21. A data management method according to claim 20, 
further comprising:



encrypting the first and second secret keys by the data 
management center using a public key of the first user 
before distributing the first and second secret keys to 
the first user; and 

decrypting the first and second secret keys by the first user 
using a private key of the first user before decrypting 
the encrypted first data content using the first secret 
key. 

22. A data management method according to claim 20, 
wherein the secret keys are generated by the data manage- 
ment center. 

23. A data management method according to claim 20, 
wherein the first and second secret keys are generated by the 
data management center based on the first user data. 

24. A data management method according to claim 20, 
wherein the secret keys are selected by the data management 
center from a key library at the data management center. 

25. A data management method according to claim 20, 
wherein each of the secret keys is divided into corre- 
sponding partial secret keys, 

wherein one of the partial secret keys corresponding to the 
first secret key and one of the partial secret keys 
corresponding to the second secret key are distributed 
to the first user, 

wherein another one of the partial secret keys correspond- 
ing to the first secret key and another one of the partial 
secret keys corresponding to the second secret key are 
attached to the first data content. 

26. A data management method according to claim 20, 
wherein after said decrypting by the first user using the
first secret key, the first secret key is abandoned by the 
first user by overwriting the first secret key with the 
second secret key. 

27. A data management method according to claim 20, 
wherein the secret keys are stored at the data management 
center to provide a key escrow system by the data manage- 
ment center. 

28. A data management method according to claim 20, 
wherein the secret keys are stored at the data management 
center to provide a key recovery system by the data man- 
agement center. 

29. A data management method according to claim 20, 
further comprising: 

registering a scenario with the data management center, 
the scenario being an editing process on the first data 
content generated by said editing of the first data 
content; 

distributing a third secret key from the data management 
center to the first user upon registration of the scenario, 
the third secret key being different from the first and 
second secret keys; and 

encrypting the edited data content by the first user using 
the third secret key before storing, copying, or transferring
the edited data content by the first user.

30. A data management method comprising: 

entering first user data as a first electronic watermark to 
first data content by a data management center; 

encrypting the first data content by the data management 
center using a first secret key; 

distributing the encrypted first data content from the data 
management center to a first user; 

distributing the first secret key and a second secret key 
from the data management center to the first user, the 
first and second secret keys being different from each 
other; 
decrypting the encrypted first data content by the first user
using the first secret key;

editing the first data content by the first user to produce
edited data content;

entering second user data as a second electronic watermark
to the edited data content by the first user before
transferring the edited data content from the first user to
a second user;

encrypting the edited data content by the first user using 
the second secret key before storing, copying, or trans- 
ferring the edited data content by the first user; 

requesting the data management center for access to the 
encrypted edited data content by the second user; 

distributing the second secret key and a third secret key
from the data management center to the second user, 
the second and third secret keys being different from 
each other; 

decrypting the encrypted edited data content by the second
user using the second secret key; and

re-encrypting the edited data content by the second user
using the third secret key before storing, copying, or 
transferring the edited data content by the second user. 

31. A data management method according to claim 30, 
further comprising:

encrypting the first and second secret keys by the data 
management center using a public key of the first user 
before distributing the first and second secret keys to 
the first user;

decrypting the first and second secret keys by the first user 
using a private key of the first user before decrypting 
the encrypted first data content using the first secret 
key; 

encrypting the second and third secret keys by the data 
management center using a public key of the second 
user before distributing the second and third secret keys 
to the second user; and 

decrypting the second and third secret keys by the second 
user using a private key of the second user before 
decrypting the encrypted edited data content using the 
second secret key. 

32. A data management method according to claim 30, 
wherein the secret keys are generated by the data manage- 
ment center. 

33. A data management method according to claim 30, 
wherein the first and second secret keys are generated by the 
data management center based on the first user data, and the 
third secret key is generated by the data management center 
based on the second user data. 

34. A data management method according to claim 30, 
wherein the secret keys are selected by the data management 
center from a key library at the data management center. 

35. A data management method according to claim 30, 
wherein each of the secret keys is divided into corresponding
partial secret keys,

wherein one of the partial secret keys corresponding to the 
first secret key and one of the partial secret keys 
corresponding to the second secret key are distributed 
to the first user,

wherein another one of the partial secret keys correspond- 
ing to the first secret key and another one of the partial 
secret keys corresponding to the second secret key are 
attached to the first data content. 

36. A data management method according to claim 30,
wherein after said decrypting by the first user using the
first secret key, the first secret key is abandoned by the
first user by overwriting the first secret key with the
second secret key, and 
wherein after said decrypting by the second user using the 
second secret key, the second secret key is abandoned 
by the second user by overwriting the second secret key 
with the third secret key. 

37. A data management method according to claim 30, 
wherein the secret keys are stored at the data management 
center to provide a key escrow system by the data manage- 
ment center. 

38. A data management method according to claim 30, 
wherein the secret keys are stored at the data management 
center to provide a key recovery system by the data man- 
agement center. 

39. A data management method comprising: 

entering first user data as a first electronic watermark to 
first data content by a data management center; 

encrypting the first data content by the data management 
center using a first secret key; 

distributing the encrypted first data content from the data 
management center to a first user; 

distributing the first secret key and a second secret key 
from the data management center to the first user, the 
first and second secret keys being different from each 
other; 

decrypting the encrypted first data content by the first user
using the first secret key;

editing the first data content by the first user to produce
edited data content;

registering a scenario with the data management center,
the scenario being an editing process on the first data
content generated by said editing of the first data
content;

entering second user data as a second electronic water- 
mark to the edited data content by the first user before 
transferring the edited data content from the first user to 
a second user; 

distributing a third secret key from the data management 
center to the first user upon registration of the scenario, 
the third secret key being different from the first and 
second secret keys; 

encrypting the edited data content by the first user using 
the third secret key before storing, copying, or trans- 
ferring the edited data content by the first user; 

re-encrypting the first data content by the first user using 
the second secret key before storing, copying, or trans- 
ferring the first data content by the first user; 

requesting the data management center for access to the 
encrypted edited data content by the second user; 

distributing the third secret key and a fourth secret key to 
the second user, the third and fourth secret keys being 
different from each other; 

decrypting the encrypted edited data content by the sec- 
ond user using the third secret key; and 

re-encrypting the edited data content by the second user 
using the fourth secret key before storing, copying, or 
transferring the edited data content by the second user. 

40. A data management method according to claim 39, 
further comprising: 

encrypting the first and second secret keys by the data 
management center using a public key of the first user
before distributing the first and second secret keys to 
the first user; 

decrypting the first and second secret keys by the first user 
using a private key of the first user before decrypting 
the encrypted first data content using the first secret 
key; 
encrypting the third secret key by the data management
center using the public key of the first user before 
distributing the third secret key to the first user; 

decrypting the third secret key by the first user using the 
private key of the first user before encrypting edited 
data content using the third secret key; 

encrypting the third and fourth secret keys by the data 
management center using a public key of the second
user before distributing the third and fourth secret keys 
to the second user; and 

decrypting the third and fourth secret keys by the second 
user using a private key of the second user before 
decrypting the encrypted edited data content using the 
third secret key. 

41. A data management method according to claim 39, 
wherein the secret keys are generated by the data manage- 
ment center. 

42. A data management method according to claim 39, 
wherein the first, second, and third secret keys are generated 
by the key center based on the first user data, and the fourth 
secret key is generated by the key center based on the second 
user data. 

43. A data management method according to claim 39, 
wherein the secret keys are selected by the data management 
center from a key library at the data management center. 

44. A data management method according to claim 39, 
wherein each of the secret keys is divided into corre- 
sponding partial secret keys, 

wherein one of the partial secret keys corresponding to the 
first secret key and one of the partial secret keys 
corresponding to the second secret key are distributed 
to the first user, 

wherein another one of the partial secret keys correspond- 
ing to the first secret key and another one of the partial 
secret keys corresponding to the second secret key are 
attached to the first data content. 

45. A data management method according to claim 39, 
wherein after said decrypting by the first user using the
first secret key, the first secret key is abandoned by the 
first user by overwriting the first secret key with the 
second secret key, and 
wherein after said decrypting by the second user using the 
third secret key, the third secret key is abandoned by the 
second user by overwriting the third secret key with the 
fourth secret key. 

46. A data management method according to claim 39, 
wherein the secret keys are stored at the data management
center to provide a key escrow system by the data manage- 
ment center. 

47. A data management method according to claim 39, 
wherein the secret keys are stored at the data management 
center to provide a key recovery system by the data man- 
agement center. 

48. A data management method comprising: 

entering first user data as a first electronic watermark to
first data content by a data center;

encrypting the first data content by the data center using
a first secret key provided by a key center;

distributing the encrypted first data content from the data
center to a first user;

distributing the first secret key and a second secret key
from the key center to the first user, the first and second
secret keys being different from each other;

decrypting the encrypted first data content by the first user
using the first secret key;

entering second user data as a second electronic watermark
to the first data content by the first user before
transferring the first data content from the first user to 
a second user; and 

re-encrypting the first data content by the first user using 
the second secret key before storing, copying, or trans- 
ferring the first data content by the first user. 

49. A data management method according to claim 48, 
further comprising: 

encrypting the first and second secret keys by the key 
center using a public key of the first user before
distributing the first and second secret keys to the first 
user; and 

decrypting the first and second secret keys by the first user 
using a private key of the first user before decrypting 
the encrypted first data content using the first secret 
key. 

50. A data management method according to claim 48, 
wherein the secret keys are generated by the key center.

51. A data management method according to claim 48, 
wherein the first and second secret keys are generated by the 
key center based on the first user data. 

52. A data management method according to claim 48, 
wherein the secret keys are selected by the key center from 
a key library at the key center. 

53. A data management method according to claim 48, 
wherein each of the secret keys is divided into corre- 
sponding partial secret keys, 

wherein one of the partial secret keys corresponding to the 
first secret key and one of the partial secret keys 
corresponding to the second secret key are distributed 
to the first user, 

wherein another one of the partial secret keys correspond- 
ing to the first secret key and another one of the partial 
secret keys corresponding to the second secret key are 
attached to the first data content. 

54. A data management method according to claim 48, 
wherein after said decrypting by the first user using the
first secret key, the first secret key is abandoned by the 
first user by overwriting the first secret key with the 
second secret key. 

55. A data management method according to claim 48, 
wherein the secret keys are stored at the key center to 
provide a key escrow system by the key center.

56. A data management method according to claim 48, 
wherein the secret keys are stored at the key center to 
provide a key recovery system by the key center. 

57. A data management method according to claim 48, 
further comprising: 

editing the first data content by the first user to produce 
edited data content represented by the first data content 
and a scenario, the scenario being an editing process on 
the first data content; 

registering the scenario with the key center; 

distributing a third secret key from the key center to the 
first user upon registration of the scenario, the third 
secret key being different from the first and second 
secret keys; and 

encrypting the edited data content by the first user using 
the third secret key before storing, copying, or trans- 
ferring the edited data content by the first user. 

58. A data management method comprising: 

entering first user data as a first electronic watermark to
first data content by a data center;

encrypting the first data content by the data center using
a first secret key provided by a key center;

distributing the encrypted first data content from the data
center to a first user;

distributing the first secret key and a second secret key 
from the key center to the first user, the first and second 
secret keys being different from each other;

decrypting the encrypted first data content by the first user 
using the first secret key; 

entering second user data as a second electronic water- 
mark to the first data content by the first user before 
transferring the first data content from the first user to 
a second user; 

re-encrypting the first data content by the first user using 
the second secret key before storing, copying, or transferring
the first data content by the first user;

requesting the key center for access to the re-encrypted 
first data content by the second user; 

distributing the second secret key and a third secret key 
from the key center to the second user, the second and 
third secret keys being different from each other; 

decrypting the re-encrypted first data content by the 
second user using the second secret key; and 

re-encrypting the decrypted first data content by the
second user using the third secret key before storing, 
copying, or transferring the first data content by the 
second user. 

59. A data management method according to claim 58, 
further comprising: 

encrypting the first and second secret keys by the key
center using a public key of the first user before 
distributing the first and second secret keys to the first 
user; 

decrypting the first and second secret keys by the first user 
using a private key of the first user before decrypting
the encrypted first data content using the first secret 
key; 

encrypting the second and third secret keys by the key 
center using a public key of the second user before 
distributing the second and third secret keys to the 
second user; and 

decrypting the second and third secret keys by the second 
user using a private key of the second user before 
decrypting the re-encrypted first data content using the
second secret key.

60. A data management method according to claim 58, 
wherein the secret keys are generated by the key center. 

61. A data management method according to claim 58, 
wherein the first and second secret keys are generated by the 
key center based on the first user data, and the third secret 
key is generated by the key center based on the second user 
data. 

62. A data management method according to claim 58, 
wherein the secret keys are selected by the key center from
a key library at the key center. 

63. A data management method according to claim 58, 
wherein each of the secret keys is divided into corre- 
sponding partial secret keys, 

wherein one of the partial secret keys corresponding to the 
first secret key and one of the partial secret keys 
corresponding to the second secret key are distributed 
to the first user, 

wherein another one of the partial secret keys corresponding
to the first secret key and another one of the partial
secret keys corresponding to the second secret key are 
attached to the first data content.

64. A data management method according to claim 58,
wherein after said decrypting by the first user using the
first secret key, the first secret key is abandoned by the 
first user by overwriting the first secret key with the 
second secret key, and 
wherein after said decrypting by the second user using the 
second secret key, the second secret key is abandoned 
by the second user by overwriting the second secret key 
with the third secret key. 

65. A data management method according to claim 58, 
wherein the secret keys are stored at the key center to 
provide a key escrow system by the key center. 

66. A data management method according to claim 58, 
wherein the secret keys are stored at the key center to 
provide a key recovery system by the key center. 

67. A data management method comprising: 

entering first user data as a first electronic watermark to 
first data content by a data center; 

encrypting the first data content by the data center using 
a first secret key provided by a key center; 

distributing the encrypted first data content from the data 
center to a first user; 

distributing the first secret key and a second secret key 
from the key center to the first user, the first and second 
secret keys being different from each other; 

decrypting the encrypted first data content by the first user 
using the first secret key; 

editing the first data content by the first user to produce 
edited data content; 

entering second user data as a second electronic water- 
mark to the edited data content by the first user before 
transferring the edited data content from the first user to 
a second user; and 

re-encrypting the first data content by the first user using 
the second secret key before storing, copying, or trans- 
ferring the first data content by the first user. 

68. A data management method according to claim 67, 
further comprising: 

encrypting the first and second secret keys by the key 
center using a public key of the first user before 
distributing the first and second secret keys to the first 
user, and 

decrypting the first and second secret keys by the first user 
using a private key of the first user before decrypting 
the encrypted first data content using the first secret 
key. 

69. A data management method according to claim 67, 
wherein the secret keys are generated by the key center. 

70. A data management method according to claim 67, 
wherein the first and second secret keys are generated by the 
key center based on the first user data. 

71. A data management method according to claim 67, 
wherein the secret keys are selected by the key center from 
a key library at the key center. 

72. A data management method according to claim 67, 
wherein each of the secret keys is divided into corre- 
sponding partial secret keys, 

wherein one of the partial secret keys corresponding to the 
first secret key and one of the partial secret keys 
corresponding to the second secret key are distributed 
to the first user, 

wherein another one of the partial secret keys correspond- 
ing to the first secret key and another one of the partial 
secret keys corresponding to the second secret key are 
attached to the first data content. 

73. A data management method according to claim 67, 
wherein after said decrypting by the first user using the 
first secret key, the first secret key is abandoned by the 
first user by overwriting the first secret key with the 
second secret key. 

74. A data management method according to claim 67, 
wherein the secret keys are stored at the key center to 
provide a key escrow system by the key center. 

75. A data management method according to claim 67, 
wherein the secret keys are stored at the key center to 
provide a key recovery system by the key center. 

76. A data management method according to claim 67, 
further comprising: 

registering a scenario with the key center, the scenario 
being an editing process on the first data content 
generated by said editing of the first data content; 

distributing a third secret key from the key center to the 
first user upon registration of the scenario, the third 
secret key being different from the first and second 
secret keys; and 

encrypting the edited data content by the first user using 
the third secret key before storing, copying, or trans- 
ferring the edited data content by the first user. 

77. A data management method comprising: 

entering first user data as a first electronic watermark to 
first data content by a data center; 

encrypting the first data content by the data center using 
a first secret key provided by a key center; 

distributing the first data content from the data center to 
a first user; 

distributing the first secret key and a second secret key 
from the key center to the first user, the first and second 
secret keys being different from each other; 

decrypting the encrypted first data content by the first user 
using the first secret key; 

editing the first data content by the first user to produce 
edited data content; 

entering second user data as a second electronic water- 
mark to the edited data content by the first user before 
transferring the edited data content from the first user to 
a second user; 

encrypting the edited data content by the first user using 
the second secret key before storing, copying, or trans- 
ferring the edited data content by the first user; 

requesting the key center for access to the encrypted 
edited data content by the second user; 

distributing the second secret key and a third secret key 
from the key center to the second user, the second and 
third secret keys being different from each other; 

decrypting the encrypted edited data content by the sec- 
ond user using the second secret key; and 

re-encrypting the edited data content by the second user 
using the third secret key before storing, copying, or 
transferring the edited data content by the second user. 

78. A data management method according to claim 77, 
further comprising: 

encrypting the first and second secret keys by the key 
center using a public key of the first user before 
distributing the first and second secret keys to the first 
user; 

decrypting the first and second secret keys by the first user 
using a private key of the first user before decrypting 
the encrypted first data content using the first secret 
key; 



encrypting the second and third secret keys by the key 
center using a public key of the second user before 
distributing the second and third secret keys to the 
second user; and 
decrypting the second and third secret keys by the second 
user using a private key of the second user before 
decrypting the encrypted edited data content using the 
second secret key. 

79. A data management method according to claim 77, 
wherein the secret keys are generated by the key center. 

80. A data management method according to claim 77, 
wherein the first and second secret keys are generated by the 
key center based on the first user data, and the third secret 
key is generated by the key center based on the second user 
data. 

81. A data management method according to claim 77, 
wherein the secret keys are selected by the key center from 
a key library at the key center. 

82. A data management method according to claim 77, 
wherein each of the secret keys is divided into corre- 
sponding partial secret keys, 

wherein one of the partial secret keys corresponding to the 
first secret key and one of the partial secret keys 
corresponding to the second secret key are distributed 
to the first user, 

wherein another one of the partial secret keys correspond- 
ing to the first secret key and another one of the partial 
secret keys corresponding to the second secret key are 
attached to the first data content. 

83. A data management method according to claim 77, 
wherein after said decrypting by the first user using the 
first secret key, the first secret key is abandoned by the 
first user by overwriting the first secret key with the 
second secret key, and 

wherein after said decrypting by the second user using the 
second secret key, the second secret key is abandoned 
by the second user by overwriting the second secret key 
with the third secret key. 

84. A data management method according to claim 77, 
wherein the secret keys are stored at the key center to 
provide a key escrow system by the key center. 

85. A data management method according to claim 77, 
wherein the secret keys are stored at the key center to 
provide a key recovery system by the key center. 

86. A data management method comprising: 

entering first user data as a first electronic watermark to 
first data content by a data center; 

encrypting the first data content by the data center using 
a first secret key provided by a key center; 

distributing the encrypted first data content from the data 
center to a first user; 

distributing the first secret key and a second secret key 
from the key center to the first user, the first and second 
secret keys being different from each other; 

decrypting the encrypted first data content by the first user 
using the first secret key; 

editing the first data content by the first user to produce 
edited data content; 

registering a scenario with the key center, the scenario 
being an editing process on the first data content 
generated by said editing of the first data content; 

entering second user data as a second electronic watermark 
to the edited data content by the first user before 
transferring the edited data content from the first user to 
a second user; 

distributing a third secret key from the key center to the 
first user upon registration of the scenario, the third 
secret key being different from the first and second 
secret keys; 

encrypting the edited data content by the first user using 
the third secret key before storing, copying, or 
transferring the edited data content by the first user; 

re-encrypting the first data content by the first user using 
the second secret key before storing, copying, or 
transferring the first data content by the first user; 

requesting the key center for access to the encrypted 
edited data content by the second user; 

distributing the third secret key and a fourth secret key 
from the key center to the second user, the third and 
fourth secret keys being different from each other; 

decrypting the encrypted edited data content by the sec- 
ond user using the third secret key; and 

re-encrypting the edited data content by the second user 
using the fourth secret key before storing, copying, or 
transferring the edited data content by the second user. 

87. A data management method according to claim 86, 
further comprising: 

encrypting the first and second secret keys by the key 
center using a public key of the first user before 
distributing the first and second secret keys to the first 
user; 

decrypting the first and second secret keys by the first user 
using a private key of the first user before decrypting 
the encrypted first data content using the first secret 
key; 

encrypting the third secret key by the key center using the 
public key of the first user before distributing the third 
secret key to the first user; 

decrypting the third secret key by the first user using the 
private key of the first user before encrypting edited 
data content using the third secret key; 

encrypting the third and fourth secret keys by the key 
center using a public key of the second user before 
distributing the third and fourth secret keys to the 
second user; and 

decrypting the third and fourth secret keys by the second 
user using a private key of the second user before 
decrypting the encrypted edited data content using the 
third secret key. 

88. A data management method according to claim 86, 
wherein the secret keys are generated by the key center. 

89. A data management method according to claim 86, 
wherein the first, second, and third secret keys are generated 
by the key center based on the first user data, and the fourth 
secret key is generated by the key center based on the second 
user data. 

90. A data management method according to claim 86, 
wherein the secret keys are selected by the key center from 
a key library at the key center. 

91. A data management method according to claim 86, 
wherein each of the secret keys is divided into corre- 
sponding partial secret keys, 

wherein one of the partial secret keys corresponding to the 
first secret key and one of the partial secret keys 
corresponding to the second secret key are distributed 
to the first user, 

wherein another one of the partial secret keys corresponding 
to the first secret key and another one of the partial 
secret keys corresponding to the second secret key are 
attached to the first data content. 

92. A data management method according to claim 86, 
wherein after said decrypting by the first user using the 
first secret key, the first secret key is abandoned by the 
first user by overwriting the first secret key with the 
second secret key, and 

wherein after said decrypting by the second user using the 
third secret key, the third secret key is abandoned by the 
second user by overwriting the third secret key with the 
fourth secret key. 

93. A data management method according to claim 86, 
wherein the secret keys are stored at the key center to 
provide a key escrow system by the key center. 

94. A data management method according to claim 86, 
wherein the secret keys are stored at the key center to 
provide a key recovery system by the key center. 
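
The key hand-off recited in claims 77 and 83, traced end to end as an added example that is not part of the patent text. The toy cipher, the appended watermark tag, and the names KeyCenter, User and run_claim_77_flow are assumptions made for illustration; the claims do not specify a cipher or a watermark format.

```python
import hashlib
import secrets

def toy_cipher(key: bytes, data: bytes) -> bytes:
    """XOR with a SHA-256 counter keystream. Toy stand-in for the secret-key
    cipher (unauthenticated, illustration only); encrypt == decrypt."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def watermark(content: bytes, user_data: str) -> bytes:
    """Assumed simplification: append a visible tag instead of embedding it."""
    return content + b"[wm:" + user_data.encode() + b"]"

class KeyCenter:
    """Generates the numbered secret keys and keeps them (claims 79, 84, 85)."""
    def __init__(self):
        self.store = {}
    def key(self, n: int) -> bytes:
        return self.store.setdefault(n, secrets.token_bytes(32))

class User:
    """Holds one key slot; the used key is overwritten by the next (claim 83)."""
    def __init__(self, user_data: str):
        self.user_data, self.slot = user_data, None
    def decrypt_then_rotate(self, blob: bytes, use_key: bytes, next_key: bytes) -> bytes:
        self.slot = use_key
        plain = toy_cipher(self.slot, blob)
        self.slot = next_key            # the decryption key is now gone
        return plain
    def encrypt_for_storage(self, plain: bytes) -> bytes:
        return toy_cipher(self.slot, plain)

def run_claim_77_flow() -> dict:
    kc, first, second = KeyCenter(), User("user1"), User("user2")
    c1 = toy_cipher(kc.key(1), watermark(b"CONTENT", first.user_data))  # data center
    plain = first.decrypt_then_rotate(c1, kc.key(1), kc.key(2))
    edited = watermark(plain.replace(b"CONTENT", b"EDITED"), second.user_data)
    c2 = first.encrypt_for_storage(edited)                 # under the second key
    got = second.decrypt_then_rotate(c2, kc.key(2), kc.key(3))
    c3 = second.encrypt_for_storage(got)                   # under the third key
    return {
        "second_user_plaintext": got,
        "first_user_can_reopen_c1": toy_cipher(first.slot, c1) == plain,
        "stored_copy_opens_with_k3": toy_cipher(kc.key(3), c3) == got,
        "stored_copy_opens_with_k2": toy_cipher(kc.key(2), c3) == got,
    }
```

The returned flags show the property the claims rely on: the copy each user stores is never under the key that user received the content with, and the content that reaches the second user carries both users' tags.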
